Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

· Fiat Chrysler Automobiles issued a
recall July 11 for 88,346 model year 2008 – 2010 Dodge Challenger vehicles due
to ongoing issues with Takata Corporation air bag inflators which could cause
air bags to prematurely inflate or explode. – Bloomberg

3. July 11,
Bloomberg – (National) Chrysler recalls Dodge Challengers to fix flawed
air bags. Fiat Chrysler Automobiles issued a recall July 11 for 88,346
model year 2008 – 2010 Dodge Challenger vehicles due to ongoing issues with air
bag inflators manufactured by the Takata Corporation which could cause air bags
to prematurely inflate or explode.

· A former professional football player
and a business partner were indicted July 10 for their roles in an alleged
Ponzi scheme in which they used their company, Capital Financial Partners LLC,
to solicit $32 million from over 40 investors to fund high-interest loans. – Boston
Globe See item 6 below in the Financial Services Sector

· All lanes of northbound 110 Freeway in
Carson, California were shut down for several hours July 12 due to a 13-vehicle
car accident that injured 12 people. – KABC 7 Los Angeles

7. July 12,
KABC 7 Los Angeles – (California) Northbound 110 Freeway shut down after 13-car
crash. All lanes of northbound 110 Freeway in Carson, California were shut
down for several hours July 12 while officials investigated a 13-vehicle car
accident that injured 12 people, including 2 in critical condition.

· Metro Detroit customers of WOW, an
Internet, cable and phone service provider, experienced an Internet outage
during the weekend of July 11 due to an attack on the Domain Name Server. – WXYZ
7 Detroit See
item 23 below in the Communications Sector

5. July
10, Las Vegas Review-Journal – (Nevada) Grand
jury indicts 11 for making credit cards at Las Vegas hotels. Las Vegas
prosecutors reported July 10 that 11 suspects were indicted for a year-long
credit card scheme operated out of casino hotels in which they allegedly used
stolen information to manufacture thousands of credit cards that they would use
for thousands of fraudulent transactions. Source: http://www.reviewjournal.com/news/las-vegas/grand-jury-indicts-11-making-credit-cards-las-vegas-hotels

For another story, see item 28 below from the Commercial Facilities Sector

28. July 10,
Associated Press – (National) Data breach at ‘sweetest place on earth’ may have
compromised guests’ financial info. Hershey Entertainment & Resorts
reported July 10 that its point-of-sale system (PoS) was compromised after a
program was installed in its payment system that extracted payment card data
from February 14 – June 2. The company is working to resolve the issue and is
offering card monitoring to those affected.

20. July 13,
Securityweek – (International) APT group uses Seaduke trojan to steal data
from high-value targets. Security researchers from Symantec released an
analysis of the highly-configurable Seaduke trojan used by an advanced
persistent threat (APT) group known for cyber-espionage attacks against
high-value targets including government organizations. The report revealed that
the trojan is installed onto select systems through the CozyDuke trojan, and
that it shares similarities with other “Duke” malware.

21. July 13,
Securityweek – (International) Java zero-day used in attacks on NATO member,
U.S. defense organization. Security researchers at Trend Micro reported that
the cyber-espionage group with monikers including Pawn Storm and APT28 was
using a Java Oracle SE zero-day remote code execution vulnerability in attacks
directed against the armed forces of a NATO member country as well as a U.S.
defense organization by sending out emails containing links to malicious
domains containing the exploit and a trojan dropper. Source: http://www.securityweek.com/java-zero-day-used-attacks-nato-member-us-defense-organization

22. July 13,
Securityweek – (International) Two new Flash Player zero-day bugs found in
Hacking Team leak. Security researchers discovered exploits for two
additional Adobe Flash Player zero-day vulnerabilities in the recent Hacking
Team data leak, including a flaw in the DisplayObject class in ActionScript 3,
and a use-after-free (UAF) vulnerability in the ActionScript3 BitmapData
object. Both vulnerabilities allow a remote, unauthenticated attacker to
execute arbitrary code on an affected system. Source: http://www.securityweek.com/two-new-flash-player-zero-day-bugs-found-hacking-team-leak

For additional stories, see
item 16 below from the Government Facilities Sectorand
23 below in the Communications Sector

16. July 10,
Nextgov – (National) Not just OPM – agency cybersecurity incidents on
the rise. A report released by the Government Accountability Office July 8
showed both cyber and non-cyber security breaches affecting Federal systems
have steadily increased from 6,000 in 2006 to 67,000 in 2014. The report
advocated risk-based cybersecurity programs and improved responses to security
incidents.

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"